WO2003025717A1 - Server access control - Google Patents

Server access control

Info

Publication number: WO2003025717A1
Authority: WO (WIPO (PCT))
Prior art keywords: password, server, client, data server, data
Application number: PCT/GB2002/004068
Other languages: English (en)
Inventors: Paul Caplin, Martin James Tyler
Original assignee: Caplin Systems Limited
Priority date: 2001-09-17
Filing date: 2002-09-05
Publication date: 2003-03-27
Application filed by Caplin Systems Limited
Priority to US10/489,766 (US20040267946A1)
Publication of WO2003025717A1 (fr)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards

Definitions

  • This invention relates to the field of server access control, particularly but not exclusively to a method of controlling access to a server which provides real-time information over the Internet, for incorporation into a website downloaded by a client from a separate server.
  • The term hypermedia is used to cover all types of content, including but not limited to pictures, graphics, sound and video. While the primary language for representing hypermedia content on the web is HTML, other markup languages are constantly developing, including, for example, XML.
  • HTML: Hypertext Markup Language
  • The term hypermedia is therefore not intended to be limited to any particular web language, nor indeed to the web, but should be interpreted as a general term which can also refer to content on public or private networks which operate according to Hypertext Transfer Protocol (HTTP) or other similar protocols.
  • HTTP: Hypertext Transfer Protocol
  • The intention behind the arrangement described above is that a user always connects to the website to gain access to the real-time data, so that, for example, a commercial charging arrangement can be made between the website operator and the real-time data server operator based on access requests to the data server by the user.
  • A sophisticated user may, however, be able to access the data server directly without needing to go via the website.
  • The data server may wish to prevent such access, since it represents a drain on its resources and since it has no charging arrangement with the user.
  • The web server operator would benefit from an accounting mechanism by which the data server operator can demonstrate to it that users accessing the data server have done so via the web server.
  • The invention provides a method of controlling access to a data server comprising the steps of: receiving, at a hypermedia server, a request from a client for a hypermedia document, said hypermedia document being configured to receive data from the data server for use by the client; in response to said request, generating a password to provide the client with access to the data server; receiving the password at the data server; attempting to validate the password; and, in response to a successfully validated password, providing the data from the data server to the client.
  • The password can be generated using a public key encryption scheme.
  • The method can comprise, prior to generating the password, the steps of generating a public and private key pair, storing the private key at a component on the hypermedia server side for use in generating the password, and sending the public key to a component on the data server side for use in validating the password.
  • The method can further comprise signing the password with the private key.
  • The client's signed password can only be generated on the hypermedia server side, so that the data server operator can prove that a password which has been successfully validated with a public key held on the data server side can only have originated from the hypermedia server side. This means that the client has obtained the password by accessing the hypermedia server first.
  • The invention also provides a method of authenticating a client to a data server comprising the steps of receiving a resource request from the client at a resource server, in response to the resource request, generating a password for use by the client in establishing a connection to the data server, and sending the password to the client, wherein the data server is configured to validate the password in response to a connection request from the client.
  • The invention further provides hypermedia server apparatus configured to provide information to permit a client to connect to a data server, comprising means for receiving a request from a client for a hypermedia document, said hypermedia document being configured to receive data from the data server for use by the client, and means for generating a password in response to said request to provide the client with access to the data server, wherein the apparatus is further arranged to generate information to be provided to the data server to enable the data server to validate the generated password.
  • The invention also provides data server apparatus for providing data to a client in response to a request from the client, the apparatus comprising means for storing information for validating a password generated by a remote server apparatus, means for receiving a client request, said request including a password, and means for validating the password in dependence on information relating to the identity of the remote server apparatus.
  • The invention provides a system for controlling access to a data server, the system comprising hypermedia server apparatus for receiving a request from a client for a hypermedia document, said hypermedia document being configured to receive data from the data server for use by the client, the hypermedia server apparatus including means for generating a password in response to said request to provide the client with access to the data server, and data server apparatus for receiving a password from the client, the data server apparatus including means for validating the password and means for providing the data from the data server to the client in response to a successfully validated password.
  • Figure 1 illustrates a conventional Internet connection scheme on which a method of access control according to the invention can be implemented;
  • Figure 2 illustrates an example web page which incorporates streaming data from a data server separate from the web server which provides the page;
  • Figure 3 is a schematic diagram of a conventional computer;
  • Figure 4 is a schematic diagram of a system according to the invention;
  • Figure 5 is a flow diagram illustrating the generation of a public/private key pair and the subsequent key management process;
  • Figure 6 is a flow diagram illustrating the processes occurring on a request by a client for the web page of Figure 2;
  • Figure 7 is a flow diagram illustrating the processes occurring when the client requests real-time data from the data server.
  • Figure 1 illustrates a system on which the invention can be implemented, in which a user uses browser software 1 running on a computer 2 to download, via the Internet 3, web pages hosted by web server software 4 running on a first server machine 5.
  • The browser software, for example Internet Explorer™ or Netscape Navigator™, is referred to herein as a web client or client 1, while the web server software 4 is referred to herein as a web server or server 4.
  • Web pages which are downloadable by the client 1 can be configured to include real-time information from a push data server 6 running on a second server machine 7, also referred to herein as the data server machine 7, which establishes a substantially continuous connection 8 with the client 1 so that data can be pushed from the server 6 to the client 1 for display within a downloaded web page, without the connection needing to be opened and closed every time data needs to be transferred.
  • The user downloads a web page 10 from server address website.com.
  • The web page 10 includes a first section 11 which originates from the web server 4, as well as a second section 12 giving access to live share prices, which are obtained from a website address datasource.com hosted by the push data server 6.
  • The web page 10 can include the program code necessary to embed the real-time data from the data server 6, for example in the form of a Java™ applet.
  • The client computer 2 and server machines 5, 7 are conventional commercially available computers having all of the hardware, operating system software and application software required to perform their respective functions.
  • The client computer 1 and server computers 5, 7 each comprise a central processing unit (CPU) 13 for executing computer programs and managing and controlling the operation of the computer.
  • The CPU 13 is connected to a number of devices via a bus 14, the devices including a read/write device 15, for example a floppy disk drive for reading and writing data and computer programs to and from a removable storage medium such as a floppy disk 16, a storage device 17, for example a hard disk drive for storing system and application software, a DVD/CD-ROM drive 18 and memory devices including ROM 19 and RAM 20.
  • The computer further includes a network card 21 for interfacing to a network 3 and user input/output devices, such as a mouse 22, keyboard 23 and display 24. It will be understood by the skilled person that the above described architecture is not limiting, but is merely an example of a typical computer architecture.
  • The operator of the data server 6 which provides the real-time information requires payment for the provision of the service and provides the service based on a licensing agreement.
  • The operator of the web server 4 is authorised to embed the real-time information from the data server 6 in its website on the basis of a multi-user licence, giving individual users of the website access to the data server 6 subject to the maximum number of licences.
  • An authorisation mechanism is provided to control access to the data server 6.
  • The first server machine 5 includes first and second Java™ programs 30, 31.
  • The first program 30 is a key generator for generating keys to be used in a public key encryption scheme, for example using conventional RSA encryption.
  • The first program 30 therefore generates a public/private key pair 32, 33 (step s1), stores the private key 33 in memory 34 (step s2) so that it is available to the second program 31, and makes the public key 32 available to the data server 6, for example by electronically sending it to the second server machine 7 (step s3).
  • The first program 30 has the capability to generate a plurality of key pairs to enable authentication of the website to a plurality of data servers 6.
  • The function of the second program 31 will be explained in more detail below.
  • At the second server machine 7, a third program 35 stores the public key 32 from the first server machine 5 in a database 36 (step s4).
  • The database 36 is capable of storing public keys from a plurality of web server machines, to enable real-time data to be provided to a plurality of websites.
  • The second server machine 7 also includes a fourth program 37, the functionality of which will be described in detail below.
  • Although the first to fourth programs 30, 31, 35, 37 have been described as being located within respective server machines 5, 7, the programs can be distributed among separate physical devices in communication with one another.
  • The components 4, 30, 31, 34 described as being within the first server machine 5 are therefore also referred to herein as being on the hypermedia server side of the system, while the components 6, 35, 36, 37 described as being within the second server machine 7 are also referred to herein as being on the data server side of the system.
  • A user connects to a selected web page using his browser 2 (step s5). He supplies a username and password which has been previously set up for him (step s6), if this is required by the web server 4.
  • The web server 4 passes control to the second program 31 (step s7).
  • The second program 31 generates and concatenates a number of components into a string to form a second password (step s8).
  • The second password is referred to herein as a dynamic password, since it is created only in response to a client access request.
  • The components making up the dynamic password string include: (i) a sequence number, which is incremented on each request for a dynamic password, so that each dynamic password is unique; (ii) a datestamp, which allows the dynamic password to have a limited lifespan, so that it cannot be captured and used at a later date; and (iii) an optional text string, which can assist with logging.
  • The second program 31 extracts the stored private key 33 from the memory 34 and uses it to sign the dynamic password (step s9). Signing involves the known technique of generating a hash, encrypting it and appending the hash to the password string.
  • The signed string is then base64 encoded (step s10). This is done to allow the string to be inserted into an HTML document and to prevent the string from containing any characters which could be interpreted as control characters during the transfer process.
  • The program 31 also generates a user identity code, referred to herein as a userid (step s11), which comprises a name associated with the website, for example website.com, to enable the second server machine 7 to identify the public key 32 with which it should attempt validation.
  • The userid may also contain an optional text string, to help with logging.
  • The username and password with which the user logged into the web server 4 are used in the authentication procedure, for example by incorporating a portion of the username and/or password into the web server userid.
  • The signed dynamic password and userid are returned to the client 1 together with the requested web page, which includes the program code necessary to embed the real-time data from the data server 6, for example in the form of a Java™ applet (step s12).
  • The program code required for embedding the real-time data can come from the data server 6, from a combination of both web server and data server, or from another web server or several web servers altogether. In this case, the web server 4 may therefore return the program code or a reference to its location to the client 1.
  • The program code in the downloaded web page automatically redirects the client 1 to connect to the data server 6 (step s13).
  • The dynamic password and userid are sent to the data server 6 with the access request (step s14).
  • The fourth program 37 at the second server machine 7 extracts the website name from the userid (step s15) and liaises with the third program 35 to retrieve the corresponding public key 32 from the database 36 (step s16). It then attempts to validate the dynamic password using the public key 32 (steps s17, s18). If the dynamic password was created using the private key 33 which corresponds to the public key 32, then validation will be successful. If not, the access attempt is rejected (step s19).
  • If validation is successful, a check is made against a log of previously used dynamic passwords, to ensure that the dynamic password has not been used previously (step s20). If it has, the access attempt is again rejected (step s19). If it has not, the datestamp is examined to determine whether the dynamic password was created within a predetermined time window, configurable by each website (step s21). If outside the window, the access attempt is again rejected (step s19). For example, when a user terminates his account with the website or moves to a different service, the dynamic password cannot be used after the predetermined time window has expired. If within the window, the dynamic password is acceptable and is added to the previously used dynamic password log to prevent future re-use (step s22).
  • The required data is then downloaded to the client 1 (step s23).
  • The method described above permits the second server to prove to the first server that users of the second server have come via the first server's web site, since only the first server can validly generate the user's dynamic password.
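An added example (not code from the patent or from Caplin Systems) that implements steps s1 to s22 above in Go: the hypermedia server side issues the signed, base64-encoded dynamic password and the userid, and the data server side selects the public key by website name, verifies the signature, rejects replays, enforces the time window and logs the password. The field layout seq|unix-seconds|note, the ":" between website name and logging text in the userid, RSA-2048 with PKCS#1 v1.5 over SHA-256, and the fixed-length trailing signature are assumptions; the patent fixes none of these.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
	"time"
)

type WebServer struct { // hypermedia server side: programs 30 and 31
	Site string          // website name carried in the userid, for example "website.com"
	priv *rsa.PrivateKey // private key 33, never leaves the hypermedia server side
	seq  uint64          // sequence number, incremented per request (component (i))
}

type DataServer struct { // data server side: programs 35 and 37
	keys   map[string]*rsa.PublicKey // database 36: public keys by website name
	used   map[string]bool           // log of previously used dynamic passwords (step s20)
	window time.Duration             // validity window checked at step s21
}

func NewWebServer(site string) (*WebServer, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // steps s1 and s2
	if err != nil {
		return nil, err
	}
	return &WebServer{Site: site, priv: priv}, nil
}

// PublicKey is the key 32 that is sent to the data server (step s3).
func (w *WebServer) PublicKey() *rsa.PublicKey { return &w.priv.PublicKey }
func NewDataServer(window time.Duration) *DataServer {
	return &DataServer{keys: map[string]*rsa.PublicKey{}, used: map[string]bool{}, window: window}
}

// Register is step s4: the site's public key is filed under the website name.
func (d *DataServer) Register(site string, pub *rsa.PublicKey) { d.keys[site] = pub }

// IssuePassword is steps s8 to s11: "seq|unix-seconds|note" is hashed with SHA-256, the hash is
// signed with the private key, the signature is appended and the token is base64 encoded.
func (w *WebServer) IssuePassword(now time.Time, note string) (userid, password string, err error) {
	w.seq++
	payload := fmt.Sprintf("%d|%d|%s", w.seq, now.Unix(), note)
	digest := sha256.Sum256([]byte(payload))
	sig, err := rsa.SignPKCS1v15(rand.Reader, w.priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", "", err
	}
	token := append([]byte(payload), sig...) // fixed-length signature trails the payload
	return w.Site + ":" + note, base64.StdEncoding.EncodeToString(token), nil
}

// Validate is steps s15 to s22: key by site name, signature, replay log, time window, then record.
func (d *DataServer) Validate(userid, password string, now time.Time) error {
	site, _, _ := strings.Cut(userid, ":")
	pub, ok := d.keys[site]
	token, err := base64.StdEncoding.DecodeString(password)
	if !ok || err != nil || len(token) <= pub.Size() {
		return errors.New("unknown site or malformed dynamic password") // s15, s16
	}
	payload, sig := token[:len(token)-pub.Size()], token[len(token)-pub.Size():]
	digest := sha256.Sum256(payload)
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return errors.New("signature was not made with this site's private key") // s17 to s19
	}
	if d.used[password] {
		return errors.New("dynamic password already used") // s20
	}
	var seq, ts int64 // the payload is authentic here, so it has the layout IssuePassword produced
	_, err = fmt.Sscanf(string(payload), "%d|%d|", &seq, &ts)
	if age := now.Sub(time.Unix(ts, 0)); err != nil || age < 0 || age > d.window {
		return errors.New("datestamp missing or outside the validity window") // s21
	}
	d.used[password] = true // s22: logged so it cannot be replayed
	return nil
}
```

The replay log is keyed on the whole encoded token, so a second request for the same page yields a new sequence number and a new token rather than a rejection.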

Abstract

The invention concerns a method of controlling access to a data server, in which a web server receives a request from a client for a web page configured to receive data from the data server for display by the client. In response to the request, a program associated with the web server generates a password signed with a private key so that the client is given access to the data server, a corresponding public key having previously been sent to the data server. The password is returned to the client, and program code in the web page directs the client to connect to the data server. The data server receives the password and attempts to validate it using the public key from the web server. If the password is successfully validated, the data is sent to the client.

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/489,766 US20040267946A1 (en) 2001-09-17 2002-09-05 Server access control

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP01307896.9 2001-09-17
EP01307896A EP1293857A1 (fr) 2001-09-17 2001-09-17 Server access control

Publications (1)

Publication Number Publication Date
WO2003025717A1 (fr) 2003-03-27

Family

ID=8182271

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2002/004068 WO2003025717A1 (fr) 2001-09-17 2002-09-05 Server access control

Country Status (3)

Country Link
US (1) US20040267946A1 (fr)
EP (1) EP1293857A1 (fr)
WO (1) WO2003025717A1 (fr)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030208539A1 (en) * 2002-05-02 2003-11-06 Gildenblat Ilya G. Event-driven information publication
US8185961B2 (en) * 2005-03-10 2012-05-22 Nippon Telegraph And Telephone Corporation Network system, method for controlling access to storage device, management server, storage device, log-in control method, network boot system, and method of accessing individual storage unit
CN100533452C (zh) 2006-06-26 2009-08-26 International Business Machines Corporation Method and apparatus for digital rights management
TWI345406B (en) * 2007-07-31 2011-07-11 Formosoft Internat Inc System and method of mutual authentication with dynamic password
US8132019B2 (en) * 2008-06-17 2012-03-06 Lenovo (Singapore) Pte. Ltd. Arrangements for interfacing with a user access manager
WO2013185326A1 (fr) * 2012-06-14 2013-12-19 Google Inc. Verifying the identity of a user
US9893887B2 (en) 2015-01-30 2018-02-13 Ciena Corporation Dynamic licensing for applications and plugin framework for virtual network systems
US20180357411A1 (en) * 2017-06-13 2018-12-13 Ca, Inc. Authentication Of A Device
CN108564688A (zh) * 2018-03-21 2018-09-21 Alibaba Group Holding Limited Identity verification method and apparatus, and electronic device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5317636A (en) * 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
EP1047238A2 (fr) * 1999-04-20 2000-10-25 Hitachi, Ltd. Method for distributing and receiving information, device and software
WO2000067415A2 (fr) * 1999-05-04 2000-11-09 First Data Corporation Method and system for authentication and single sign-on using cryptographically certified cookies in a distributed computing environment
WO2001040908A2 (fr) * 1999-11-29 2001-06-07 Medical Data Services Gmbh Secure embedding of content
WO2001044908A1 (fr) * 1999-12-17 2001-06-21 Microsoft Corporation Server for an electronic distribution system and method of operating it

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5351295A (en) * 1993-07-01 1994-09-27 Digital Equipment Corporation Secure method of neighbor discovery over a multiaccess medium
US6108703A (en) * 1998-07-14 2000-08-22 Massachusetts Institute Of Technology Global hosting system
US7203838B1 (en) * 1999-09-09 2007-04-10 American Express Travel Related Services Company, Inc. System and method for authenticating a web page
US20010042032A1 (en) * 2000-05-11 2001-11-15 Crawshaw Geoffrey K. System for capturing, processing, tracking and reporting time and expense data

Also Published As

Publication number Publication date
EP1293857A1 (fr) 2003-03-19
US20040267946A1 (en) 2004-12-30

Legal Events

Code Title Description
AK Designated states: kind code of ref document A1; designated state(s): AE AG AL AM AT AU AZ BA BB BG BY BZ CA CH CN CO CR CU CZ DE DM DZ EC EE ES FI GB GD GE GH HR HU ID IL IN IS JP KE KG KP KR LC LK LR LS LT LU LV MA MD MG MN MW MX MZ NO NZ OM PH PL PT RU SD SE SG SI SK SL TJ TM TN TR TZ UA UG US UZ VC VN YU ZA ZM
AL Designated countries for regional patents: kind code of ref document A1; designated state(s): GH GM KE LS MW MZ SD SL SZ UG ZM ZW AM AZ BY KG KZ RU TJ TM AT BE BG CH CY CZ DK EE ES FI FR GB GR IE IT LU MC PT SE SK TR BF BJ CF CG CI GA GN GQ GW ML MR NE SN TD TG
121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase; ref document number 10489766; country of ref document US
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase; ref country code JP
WWW Wipo information: withdrawn in national office; country of ref document JP